package org.springframework.security.web.authentication.session;

import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.session.SessionRegistry;
import org.springframework.util.Assert;

/**
 * @author Dillon
 * @date 2024/7/14
 * @slogan 致敬大师 致敬未来的你
 * @desc 记住我过滤器配置类
 */
public class RegisterSessionAuthenticationStrategy implements SessionAuthenticationStrategy {

	/**
	 * session注册策略接口
	 */
	private final SessionRegistry sessionRegistry;

	/**
	 * 构造函数
	 * @param sessionRegistry session注册策略实现类
	 */
	public RegisterSessionAuthenticationStrategy(SessionRegistry sessionRegistry) {
		Assert.notNull(sessionRegistry, "session注册策略实现类不能为空");
		this.sessionRegistry = sessionRegistry;
	}

	/**
	 * 执行session注册策略类
	 *
	 * @param authentication 认证成功对象
	 * @param request        请求对象
	 * @param response       响应对象
	 * @throws SessionAuthenticationException session 认证异常
	 */
	@Override
	public void onAuthentication(Authentication authentication, HttpServletRequest request,
			HttpServletResponse response) {
		this.sessionRegistry.registerNewSession(request.getSession().getId(), authentication.getPrincipal());
	}

}
